Memory based malware infections on computers and other electronic devices are very intrusive and hard to detect and repair. For example, the design of the personal computer (“PC”) architecture, particularly the design of the Memory Management Unit, does not provide a straightforward facility to trap when memory is being written. One approach today is to mark all protected memory as read-only, and then catch the exception generated when something attempts to write to the memory. Such a technique has several shortcomings. It is conducted on a per-memory-page basis, meaning that the granularity of the technique cannot be conducted on blocks of memory less than 4 kilobytes, the size of a typical memory page. It is limited by the operating system virtual memory management unit, and changing such a unit is not supported by commercial operating systems. The technique downgrades the system performance, as an exception is thrown every time memory is written. It is also difficult to tell if an infection is associated with malicious operation or not.
Malware may include, but is not limited to, spyware, rootkits, password stealers, spam, sources of phishing attacks, sources of denial-of-service-attacks, viruses, loggers, Trojans, adware, or any other digital content that produces unwanted activity.